How To Play Good Defense

The public sector has become a popular "soft target" for cybercriminals, and GovOS CTO Steve Russell has some advice for those guarding the gates.

CIOs in all industries are having to tackle the threat of cyberattacks that could wreak havoc on their systems—and those working for municipalities and county governments have special concerns for their constituents and critical local services.

Steve Russell, CTO of GovOS Inc. in Austin, Texas, shares how CIOs of local governments, as well as all other industries, can best protect their systems from bad actors. Russell brings more than three decades of experience in software development and technology innovation to GovOS. Prior to joining the company in 2015, he led development and product teams for OpenText, Lucent Technologies, Global360, Mosaix and IBM where he started his career.

As cybersecurity risks are growing due to the political climate, how is that impacting governments and enterprises worldwide?

The public sector has become particularly attractive for cybercriminals because it’s considered a “soft target.” Many organizations are using outdated hardware and software without strong cybersecurity and business continuity plans in place. It’s difficult, and usually prohibitively expensive, for a local government entity to implement and maintain the kind of security infrastructure [they need] to deal with today’s bad actors.

This is compounded by the fact that municipalities often store highly sensitive data, such as voter information and social security numbers, that are tempting targets to exploit. Not to mention, the cost associated with ransomware attacks isn’t only in terms of the ransom itself—in 2019, when the city of Baltimore became the victim of a ransomware attack, it spent over $18 million on a months-long recovery even though it declined to pay the ransom.

How can governments, enterprises, and critical infrastructures lean into technology to protect themselves and their citizens from the increasing rate of cyberattacks?

Moving to a native, public, cloud-based system is a game-changing opportunity for local governments. Attempting to match the strength of the security measures and data protection offered by the leading cloud providers in on-premise systems can be prohibitively expensive and labor-intensive, in large part because of the economy of scale. Using the public cloud allows local government offices to take advantage of the huge investments cloud providers make in security and infrastructure protection. 

The other aspect of this is the modernization of the applications that local governments have in place. Many are older and built on aging technology that can’t provide the kinds of protections that today’s cybersecurity challenges require. Putting systems into a secure setting like the public cloud is a great first step, but upgrading systems or moving to systems designed with security in mind should be considered as well.   

What advice do you have for CIOs/CTOs that are facing the dangers of cyberattacks in their own industry?

When it comes to cyberattacks, CIOs and CTOs must:

1) Ensure all staff members are fluent on cybersecurity threats and best practices;

2) Keep software up to date;

3) Implement data redundancy;

4) Back up your data both offline and online;

5) Develop a business continuity and disaster recovery plan in the event of an attack; and

6) Ask your vendors what steps they’re taking to protect your critical systems and information. 

Additionally, for data that falls into the category of controlled unclassified information, government agencies should look for vendors who have passed a SOC 2 audit, conducted by a reputable source. This will confirm that the vendor meets the applicable Trust Services Principles criteria with no exceptions listed. This thorough review will confirm that a software provider’s internal controls don’t have a negative impact on the security, confidentiality and availability of the systems it uses to process users’ data.

What potential threat should CIOs/CTOs be looking out for in the coming months, and how can they proactively safeguard their organization, employees and data?

When talking about the future, I like to refer to a great quote from John Warren, the county clerk in Dallas County, Texas, who likened cybersecurity to a chess game. “You have to think in terms of what are they going to do, and how are we going to respond?” That is pretty sage advice when it comes to cybersecurity.

The tactics and technologies that the bad actors use are constantly evolving. Sophisticated, and continuous monitoring and testing of your infrastructure and applications is absolutely key. Then, ensure that you have a process in place that quickly mitigates these newly discovered vulnerabilities. Having this continuous cycle of monitoring, alerting and mitigating is the only path to stay ahead of the next trick in the cybercriminal’s toolkit.

Get the StrategicCIO360 Briefing

Sign up today to get weekly access to the latest issues affecting CIOs in every industry


Strategy, Insights, Action

In our weekly newsletter, get insight into the biggest issues facing CIOs, along with strategic ideas, solutions, and interviews.

Strategy, Insights, Action

Once a week, get insight into the biggest issues facing CIOs, along with strategic ideas, solutions, and interviews.

Your information is secure – we don’t sell or rent your data to any third-parties.